ACK: [SRU][Trusty][Artful][PATCH 0/1] Fix for CVE-2017-17806

Khaled Elmously khalid.elmously at canonical.com
Fri Feb 2 06:40:30 UTC 2018


On 2018-02-01 17:06:09 , Kleber Sacilotto de Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-17806.html
> 
> Clean cherry-pick for Trusty and Artful, fix for Xenial is queued as part of
> stable update to 4.4.107.
> 
> I was able to reproduce the bug with the reproducer from the commit message
> but only with Artful kernel. The bug seems to be a real issue only after
> SHA-3 support was added (requires CONFIG_CRYPTO_SHA3), which was done on
> v4.8-rc1, so in theory only Artful and later series are affected. But anyway
> I believe it's valid to fix this bug on Trusty (and Xenial). 
> 
> Eric Biggers (1):
>   crypto: hmac - require that the underlying hash algorithm is unkeyed
> 
>  crypto/hmac.c                  | 6 +++++-
>  crypto/shash.c                 | 5 +++--
>  include/crypto/internal/hash.h | 8 ++++++++
>  3 files changed, 16 insertions(+), 3 deletions(-)
> 
Acked-by: Khalid Elmously <khalid.elmously at canonical.com>





More information about the kernel-team mailing list